<?php
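  /**
   * Makes the logged-in user follow the user named $contact_name.
   *
   * Returns an XML fragment: <returncode>1</returncode> on success (also when
   * the follow relation already exists), or <returncode>0</returncode> plus an
   * <errormessage> when the caller is not logged in, the contact does not
   * exist, or a query fails.
   *
   * @param string $contact_name Name of the user to follow; treated as
   *                             untrusted because it is placed in SQL text.
   * @return string XML fragment describing the outcome.
   */
  function followContact($contact_name) {
    $failure = "<returncode>0</returncode>\n";

    // Both session keys are needed below: user_name marks the login, user_id
    // is written into the queries.
    if (!isset($_SESSION['user_name']) || !isset($_SESSION['user_id'])) {
      return $failure . "<errormessage>You're not logged in!</errormessage>\n";
    }

    // The name lands inside a quoted SQL literal, so it is escaped first.
    // Without this, a quote character in the name changes the statement
    // (SQL injection). Parameterised queries through mysqli or PDO are the
    // durable fix; this file only sees the legacy mysql_* connection.
    $safe_name = mysql_real_escape_string((string) $contact_name);
    $result = mysql_query("SELECT * FROM User WHERE name='$safe_name'");

    if ($result === false) {
      return $failure . "<errormessage>Database error</errormessage>\n";
    }
    if (mysql_num_rows($result) == 0) {
      return $failure . "<errormessage>No such contact</errormessage>\n";
    }

    $result_row = mysql_fetch_assoc($result);

    // Ids are interpolated unquoted, so force them to integers.
    $contact_id = (int) $result_row['id'];
    $user_id = (int) $_SESSION['user_id'];

    $result = mysql_query("SELECT * FROM Contact WHERE follower_user_id=$user_id "
                        . "AND followed_user_id=$contact_id");
    if ($result === false) {
      return $failure . "<errormessage>Database error</errormessage>\n";
    }

    // Insert only when the relation is not there yet, and report a failed
    // insert instead of claiming success.
    if (mysql_num_rows($result) == 0) {
      $inserted = mysql_query("INSERT INTO Contact "
                            . "(follower_user_id, followed_user_id, rating) "
                            . "VALUES($user_id, $contact_id, 0)");
      if ($inserted === false) {
        return $failure . "<errormessage>Database error</errormessage>\n";
      }
    }

    return "<returncode>1</returncode>\n";
  }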

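  /**
   * Makes the logged-in user stop following the user named $contact_name.
   *
   * Returns an XML fragment: <returncode>1</returncode> on success (also when
   * no follow relation existed), or <returncode>0</returncode> plus an
   * <errormessage> when the caller is not logged in, the contact does not
   * exist, or a query fails.
   *
   * @param string $contact_name Name of the user to unfollow; treated as
   *                             untrusted because it is placed in SQL text.
   * @return string XML fragment describing the outcome.
   */
  function unfollowContact($contact_name) {
    $failure = "<returncode>0</returncode>\n";

    // Both session keys are needed below: user_name marks the login, user_id
    // is written into the queries.
    if (!isset($_SESSION['user_name']) || !isset($_SESSION['user_id'])) {
      return $failure . "<errormessage>You're not logged in!</errormessage>\n";
    }

    // The name lands inside a quoted SQL literal, so it is escaped first.
    // Without this, a quote character in the name changes the statement
    // (SQL injection). Parameterised queries through mysqli or PDO are the
    // durable fix; this file only sees the legacy mysql_* connection.
    $safe_name = mysql_real_escape_string((string) $contact_name);
    $result = mysql_query("SELECT * FROM User WHERE name='$safe_name'");

    if ($result === false) {
      return $failure . "<errormessage>Database error</errormessage>\n";
    }
    if (mysql_num_rows($result) == 0) {
      return $failure . "<errormessage>No such contact</errormessage>\n";
    }

    $result_row = mysql_fetch_assoc($result);

    // Ids are interpolated unquoted, so force them to integers.
    $contact_id = (int) $result_row['id'];
    $user_id = (int) $_SESSION['user_id'];

    $result = mysql_query("SELECT * FROM Contact WHERE follower_user_id=$user_id "
                        . "AND followed_user_id=$contact_id");
    if ($result === false) {
      return $failure . "<errormessage>Database error</errormessage>\n";
    }

    // The SQL text is no longer appended to the response: it exposed table
    // and column names to the client and put raw text in front of the
    // <returncode> element.
    if (mysql_num_rows($result) > 0) {
      $deleted = mysql_query("DELETE FROM Contact "
                           . "WHERE follower_user_id=$user_id "
                           . "AND followed_user_id=$contact_id");
      if ($deleted === false) {
        return $failure . "<errormessage>Database error</errormessage>\n";
      }
    }

    return "<returncode>1</returncode>\n";
  }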

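  /**
   * Lists who the logged-in user follows and who follows them.
   *
   * Returns an XML fragment of the form
   * <followed><user>..</user>..</followed><follower><user>..</user>..</follower>
   * followed by <returncode>1</returncode>, or <returncode>0</returncode> plus
   * an <errormessage> when the caller is not logged in or a query fails.
   *
   * @return string XML fragment with both contact lists or an error.
   */
  function getContactList() {
    $failure = "<returncode>0</returncode>\n";

    // Both session keys are needed: user_name marks the login, user_id is
    // written into the queries.
    if (!isset($_SESSION['user_name']) || !isset($_SESSION['user_id'])) {
      return $failure . "<errormessage>You're not logged in!</errormessage>\n";
    }

    // The id is interpolated unquoted, so force it to an integer.
    $user_id = (int) $_SESSION['user_id'];

    // Same join in both directions; only the matched columns swap.
    $followed_result = mysql_query("SELECT User.name "
                                 . "FROM Contact JOIN User "
                                 . "ON Contact.followed_user_id=User.id "
                                 . "WHERE Contact.follower_user_id=$user_id");
    if ($followed_result === false) {
      return $failure . "<errormessage>Database error</errormessage>\n";
    }

    $return_string = "<followed>";
    while ($result_row = mysql_fetch_assoc($followed_result)) {
      // User names are stored data chosen by users. Escaping the markup
      // characters keeps a name containing '<' or '&' from injecting
      // elements into, or breaking, the XML response. str_replace is used
      // because the column's character set is not visible from this file.
      $return_string .= "<user>"
                      . str_replace(array('&', '<', '>'),
                                    array('&amp;', '&lt;', '&gt;'),
                                    $result_row['name'])
                      . "</user>";
    }
    $return_string .= "</followed>";

    $follower_result = mysql_query("SELECT User.name "
                                 . "FROM Contact JOIN User "
                                 . "ON Contact.follower_user_id=User.id "
                                 . "WHERE Contact.followed_user_id=$user_id");
    if ($follower_result === false) {
      return $failure . "<errormessage>Database error</errormessage>\n";
    }

    $return_string .= "<follower>";
    while ($result_row = mysql_fetch_assoc($follower_result)) {
      $return_string .= "<user>"
                      . str_replace(array('&', '<', '>'),
                                    array('&amp;', '&lt;', '&gt;'),
                                    $result_row['name'])
                      . "</user>";
    }
    $return_string .= "</follower>";

    $return_string .= "<returncode>1</returncode>\n";
    return $return_string;
  }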

?>
